stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

save checkpoint

Browse Source
This commit is contained in:
master
2026-02-11 01:32:14 +02:00
parent 5593212b41
commit cf5b72974f
2316 changed files with 68799 additions and 3808 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/Policy/__Tests/StellaOps.Policy.Determinization.Tests/Scoring/CombinedImpactCalculatorTests.cs
View File

@@ -187,11 +187,11 @@ public class CombinedImpactCalculatorTests
Reachability = SignalState<ReachabilityEvidence>.Queried(
new ReachabilityEvidence { Status = ReachabilityStatus.Reachable, AnalyzedAt = now }, now),
Runtime = SignalState<RuntimeEvidence>.Queried(
new RuntimeEvidence { Detected = true, DetectedAt = now }, now),
new RuntimeEvidence { Detected = true, Source = "tracer", ObservationStart = now.AddHours(-1), ObservationEnd = now, Confidence = 0.9 }, now),
Backport = SignalState<BackportEvidence>.Queried(
new BackportEvidence { Detected = false, AnalyzedAt = now }, now),
new BackportEvidence { Detected = false, Source = "vendor-advisory", DetectedAt = now, Confidence = 0.8 }, now),
Sbom = SignalState<SbomLineageEvidence>.Queried(
new SbomLineageEvidence { HasLineage = true, AnalyzedAt = now }, now),
new SbomLineageEvidence { SbomDigest = "sha256:abc", Format = "CycloneDX", ComponentCount = 50, GeneratedAt = now, HasProvenance = true }, now),
Cvss = SignalState<CvssEvidence>.Queried(
new CvssEvidence { Version = "3.1", BaseScore = 9.8, Severity = "CRITICAL", Source = "NVD", PublishedAt = now }, now),
SnapshotAt = now

2
src/Policy/__Tests/StellaOps.Policy.Determinization.Tests/Scoring/DeltaIfPresentCalculatorTests.cs
View File

@@ -123,7 +123,7 @@ public sealed class DeltaIfPresentCalculatorTests
gap.BestCase.AssumedValue.Should().Be(0.0);
gap.WorstCase.AssumedValue.Should().Be(1.0);
gap.MaxImpact.Should().BeGreaterOrEqualTo(0.0);
gap.MaxImpact.Should().BeGreaterThanOrEqualTo(0.0);
}
}

113
src/Policy/__Tests/StellaOps.Policy.Determinization.Tests/Scoring/TrustScoreAlgebraFacadeTests.cs
View File

@@ -4,8 +4,6 @@ using Microsoft.Extensions.Time.Testing;
using StellaOps.Policy.Determinization.Evidence;
using StellaOps.Policy.Determinization.Models;
using StellaOps.Policy.Determinization.Scoring;
using StellaOps.Policy.Scoring;
using StellaOps.Policy.TrustLattice;
namespace StellaOps.Policy.Determinization.Tests.Scoring;
@@ -20,7 +18,7 @@ public sealed class TrustScoreAlgebraFacadeTests
private TrustScoreAlgebraFacade CreateFacade()
{
var aggregator = new TrustScoreAggregator(NullLogger<TrustScoreAggregator>.Instance);
var uncertaintyCalculator = new UncertaintyScoreCalculator();
var uncertaintyCalculator = new UncertaintyScoreCalculator(NullLogger<UncertaintyScoreCalculator>.Instance);
return new TrustScoreAlgebraFacade(
aggregator,
uncertaintyCalculator,
@@ -61,10 +59,22 @@ public sealed class TrustScoreAlgebraFacadeTests
var signals = SignalSnapshot.Empty("CVE-2024-1234", "pkg:maven/test@1.0", _timeProvider.GetUtcNow())
with
{
Reachability = SignalState<ReachabilityEvidence>.Present(
new ReachabilityEvidence(ReachabilityStatus.Reachable, 0, 0, null)),
Vex = SignalState<VexClaimSummary>.Present(
new VexClaimSummary("affected", null, null, null, null, null))
Reachability = SignalState<ReachabilityEvidence>.Queried(
new ReachabilityEvidence
{
Status = ReachabilityStatus.Reachable,
Depth = 0,
AnalyzedAt = _timeProvider.GetUtcNow(),
Confidence = 1.0
}, _timeProvider.GetUtcNow()),
Vex = SignalState<VexClaimSummary>.Queried(
new VexClaimSummary
{
Status = "affected",
Confidence = 1.0,
StatementCount = 1,
ComputedAt = _timeProvider.GetUtcNow()
}, _timeProvider.GetUtcNow())
};
var request = new TrustScoreRequest
@@ -91,10 +101,22 @@ public sealed class TrustScoreAlgebraFacadeTests
var signals = SignalSnapshot.Empty("CVE-2024-1234", "pkg:maven/test@1.0", _timeProvider.GetUtcNow())
with
{
Reachability = SignalState<ReachabilityEvidence>.Present(
new ReachabilityEvidence(ReachabilityStatus.Unreachable, 0, 0, null)),
Vex = SignalState<VexClaimSummary>.Present(
new VexClaimSummary("affected", null, null, null, null, null))
Reachability = SignalState<ReachabilityEvidence>.Queried(
new ReachabilityEvidence
{
Status = ReachabilityStatus.Unreachable,
Depth = 0,
AnalyzedAt = _timeProvider.GetUtcNow(),
Confidence = 1.0
}, _timeProvider.GetUtcNow()),
Vex = SignalState<VexClaimSummary>.Queried(
new VexClaimSummary
{
Status = "affected",
Confidence = 1.0,
StatementCount = 1,
ComputedAt = _timeProvider.GetUtcNow()
}, _timeProvider.GetUtcNow())
};
var request = new TrustScoreRequest
@@ -124,10 +146,22 @@ public sealed class TrustScoreAlgebraFacadeTests
var signals = SignalSnapshot.Empty("CVE-2024-1234", "pkg:maven/test@1.0", _timeProvider.GetUtcNow())
with
{
Vex = SignalState<VexClaimSummary>.Present(
new VexClaimSummary("not_affected", null, null, null, null, null)),
Epss = SignalState<EpssEvidence>.Present(
new EpssEvidence(0.85, 0.95)) // High EPSS = True in K4
Vex = SignalState<VexClaimSummary>.Queried(
new VexClaimSummary
{
Status = "not_affected",
Confidence = 1.0,
StatementCount = 1,
ComputedAt = _timeProvider.GetUtcNow()
}, _timeProvider.GetUtcNow()),
Epss = SignalState<EpssEvidence>.Queried(
new EpssEvidence
{
Cve = "CVE-2024-1234",
Epss = 0.85,
Percentile = 0.95,
PublishedAt = _timeProvider.GetUtcNow()
}, _timeProvider.GetUtcNow()) // High EPSS = True in K4
};
var request = new TrustScoreRequest
@@ -153,12 +187,30 @@ public sealed class TrustScoreAlgebraFacadeTests
var signals = SignalSnapshot.Empty("CVE-2024-1234", "pkg:maven/test@1.0", _timeProvider.GetUtcNow())
with
{
Vex = SignalState<VexClaimSummary>.Present(
new VexClaimSummary("affected", null, null, null, null, null)),
Reachability = SignalState<ReachabilityEvidence>.Present(
new ReachabilityEvidence(ReachabilityStatus.Reachable, 0, 0, null)),
Epss = SignalState<EpssEvidence>.Present(
new EpssEvidence(0.75, 0.90))
Vex = SignalState<VexClaimSummary>.Queried(
new VexClaimSummary
{
Status = "affected",
Confidence = 1.0,
StatementCount = 1,
ComputedAt = _timeProvider.GetUtcNow()
}, _timeProvider.GetUtcNow()),
Reachability = SignalState<ReachabilityEvidence>.Queried(
new ReachabilityEvidence
{
Status = ReachabilityStatus.Reachable,
Depth = 0,
AnalyzedAt = _timeProvider.GetUtcNow(),
Confidence = 1.0
}, _timeProvider.GetUtcNow()),
Epss = SignalState<EpssEvidence>.Queried(
new EpssEvidence
{
Cve = "CVE-2024-1234",
Epss = 0.75,
Percentile = 0.90,
PublishedAt = _timeProvider.GetUtcNow()
}, _timeProvider.GetUtcNow())
};
var request = new TrustScoreRequest
@@ -308,9 +360,22 @@ public sealed class TrustScoreAlgebraFacadeTests
var signals = SignalSnapshot.Empty("CVE-2024-1234", "pkg:maven/test@1.0", _timeProvider.GetUtcNow())
with
{
Epss = SignalState<EpssEvidence>.Present(new EpssEvidence(0.35, 0.65)),
Reachability = SignalState<ReachabilityEvidence>.Present(
new ReachabilityEvidence(ReachabilityStatus.Reachable, 2, 5, null))
Epss = SignalState<EpssEvidence>.Queried(
new EpssEvidence
{
Cve = "CVE-2024-1234",
Epss = 0.35,
Percentile = 0.65,
PublishedAt = _timeProvider.GetUtcNow()
}, _timeProvider.GetUtcNow()),
Reachability = SignalState<ReachabilityEvidence>.Queried(
new ReachabilityEvidence
{
Status = ReachabilityStatus.Reachable,
Depth = 2,
AnalyzedAt = _timeProvider.GetUtcNow(),
Confidence = 1.0
}, _timeProvider.GetUtcNow())
};
var request = new TrustScoreRequest

18
src/Policy/__Tests/StellaOps.Policy.Determinization.Tests/Scoring/WeightManifest/WeightManifestLoaderTests.cs
View File

@@ -327,7 +327,7 @@ public sealed class WeightManifestLoaderTests : IDisposable
[Fact]
public void Diff_DifferentVersions_ShowsDifference()
{
var from = new WeightManifestDocument
var fromManifest = new WeightManifestDocument
{
SchemaVersion = "1.0.0",
Version = "v1",
@@ -336,9 +336,9 @@ public sealed class WeightManifestLoaderTests : IDisposable
Weights = new WeightManifestWeights()
};
var to = from with { Version = "v2" };
var to = fromManifest with { Version = "v2" };
var diff = _loader.Diff(from, to);
var diff = _loader.Diff(fromManifest, to);
Assert.True(diff.HasDifferences);
Assert.Contains(diff.Differences, d => d.Path == "version" && d.OldValue == "v1" && d.NewValue == "v2");
@@ -347,7 +347,7 @@ public sealed class WeightManifestLoaderTests : IDisposable
[Fact]
public void Diff_DifferentWeights_ShowsDifferences()
{
var from = new WeightManifestDocument
var fromManifest = new WeightManifestDocument
{
SchemaVersion = "1.0.0",
Version = "v1",
@@ -360,7 +360,7 @@ public sealed class WeightManifestLoaderTests : IDisposable
}
};
var to = from with
var to = fromManifest with
{
Version = "v2",
Weights = new WeightManifestWeights
@@ -370,7 +370,7 @@ public sealed class WeightManifestLoaderTests : IDisposable
}
};
var diff = _loader.Diff(from, to);
var diff = _loader.Diff(fromManifest, to);
Assert.True(diff.HasDifferences);
Assert.Contains(diff.Differences, d => d.Path == "weights.legacy.rch");
@@ -381,7 +381,7 @@ public sealed class WeightManifestLoaderTests : IDisposable
[Fact]
public void Diff_AddedWeight_ShowsAsNewField()
{
var from = new WeightManifestDocument
var fromManifest = new WeightManifestDocument
{
SchemaVersion = "1.0.0",
Version = "v1",
@@ -394,7 +394,7 @@ public sealed class WeightManifestLoaderTests : IDisposable
}
};
var to = from with
var to = fromManifest with
{
Version = "v2",
Weights = new WeightManifestWeights
@@ -406,7 +406,7 @@ public sealed class WeightManifestLoaderTests : IDisposable
}
};
var diff = _loader.Diff(from, to);
var diff = _loader.Diff(fromManifest, to);
Assert.True(diff.HasDifferences);
var mitDiff = diff.Differences.First(d => d.Path == "weights.legacy.mit");